ID

VAR-201006-0509


TITLE

Unknown buffer overflow vulnerability in Twitter on iPhone platform

Trust: 0.6

sources: CNVD: CNVD-2010-1182

DESCRIPTION

Twitter for iPhone is a Twitter client for the iPhone platform. There is a buffer overflow on the Twitter client under the iPhone platform that can be triggered by an infrequently used user profile location. No detailed vulnerability details are currently available. Twitter for iPhone is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. Versions prior to Twiiter for iPhone 3.0.1 are vulnerable

Trust: 0.81

sources: CNVD: CNVD-2010-1182 // BID: 41129

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2010-1182

AFFECTED PRODUCTS

vendor:nomodel: - scope: - version: -

Trust: 0.6

vendor:twittermodel:for iphonescope:eqversion:3.0

Trust: 0.3

vendor:twittermodel:for iphonescope:neversion:3.0.1

Trust: 0.3

sources: CNVD: CNVD-2010-1182 // BID: 41129

THREAT TYPE

network

Trust: 0.3

sources: BID: 41129

TYPE

Boundary Condition Error

Trust: 0.3

sources: BID: 41129

PATCH

title:Unknown buffer overflow patch for Twitter on iPhone platformurl:https://www.cnvd.org.cn/patchinfo/show/515

Trust: 0.6

sources: CNVD: CNVD-2010-1182

EXTERNAL IDS

db:BIDid:41129

Trust: 0.9

db:CNVDid:CNVD-2010-1182

Trust: 0.6

sources: CNVD: CNVD-2010-1182 // BID: 41129

REFERENCES

url:http://fnstenv.blogspot.com/2010/06/twitter-for-iphone.html

Trust: 0.9

url:http://itunes.apple.com/ca/app/twitter/id333903271?mt=8

Trust: 0.3

url:http://twitter.com/

Trust: 0.3

sources: CNVD: CNVD-2010-1182 // BID: 41129

CREDITS

atebits

Trust: 0.3

sources: BID: 41129

SOURCES

db:CNVDid:CNVD-2010-1182
db:BIDid:41129

LAST UPDATE DATE

2022-05-17T01:45:44.394000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2010-1182date:2010-06-25T00:00:00
db:BIDid:41129date:2010-06-24T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2010-1182date:2010-06-25T00:00:00
db:BIDid:41129date:2010-06-24T00:00:00